Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Corega Subscribe

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 7 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-10813 1 Corega 2 Wlr 300 Nm, Wlr 300 Nm Firmware 2017-09-20 7.7 HIGH 6.8 MEDIUM
CG-WLR300NM Firmware version 1.90 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors.
CVE-2017-10814 1 Corega 2 Wlr 300 Nm, Wlr 300 Nm Firmware 2017-09-20 7.7 HIGH 6.8 MEDIUM
Buffer overflow in CG-WLR300NM Firmware version 1.90 and earlier allows an attacker to execute arbitrary code via unspecified vectors.
CVE-2016-7810 1 Corega 2 Cg-wlr300nx, Cg-wlr300nx Firmware 2017-06-16 3.5 LOW 4.8 MEDIUM
Cross-site scripting vulnerability in Corega CG-WLR300NX firmware Ver. 1.20 and earlier allows attacker with administrator rights to inject arbitrary web script or HTML via unspecified vectors.
CVE-2016-7808 1 Corega 4 Cg-wlbaragm Firmware, Cg-wlbargmh, Cg-wlbargnl and 1 more 2017-06-15 4.3 MEDIUM 6.1 MEDIUM
Cross-site scripting vulnerability in Corega CG-WLBARGMH and CG-WLBARGNL allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2016-4824 1 Corega 4 Cg-wlr300gnv, Cg-wlr300gnv-w, Cg-wlr300gnv-w Firmware and 1 more 2016-06-28 5.0 MEDIUM 5.3 MEDIUM
The Wi-Fi Protected Setup (WPS) implementation on Corega CG-WLR300GNV and CG-WLR300GNV-W devices does not restrict the number of PIN authentication attempts, which makes it easier for remote attackers to obtain network access via a brute-force attack.
CVE-2015-7793 1 Corega 1 Cg-wlbaragm Firmware 2015-12-30 5.0 MEDIUM 5.8 MEDIUM
Corega CG-WLBARAGM devices provide an open proxy service, which allows remote attackers to trigger outbound network traffic via unspecified vectors.
CVE-2015-7794 1 Corega 1 Cg-wlncm4g Firmware 2015-12-30 5.0 MEDIUM 5.8 MEDIUM
Corega CG-WLNCM4G devices provide an open DNS resolver, which allows remote attackers to cause a denial of service (traffic amplification) via crafted queries.